NCBA Group Head, Information Security Jobs in Kenya

NCBA Group Head, Information Security Jobs in Kenya

About the Company

  • The new NCBA has harnessed the power of both NIC and CBA to create a bank that brings together the best of both worlds — from cutting edge mobile banking to good old-fashioned relationship management; from scalable business banking to financial services that grow as your business does; from best-in-class choice of products to investment solutions tailored to your specific needs.

    Job Purpose Statement

  • The role of Head, Information Security will provide continuous assurance of NCBA Group’s information systems around confidentiality, integrity and availability of information, and ensure protection of these information assets by ensuring appropriate security controls are in place to protect the Group’s technology and information assets from information & cyber security related risks.

  • This role will define and execute the information security strategy and roadmap for the Group, ensuring that governance and assurance in information security is enshrined and practiced within the Group, appropriate technology systems and controls are implemented, as well as ensuring that key technology projects and initiatives are compliant with security best practices and guidelines.

    Ideal Person Specifications

    • Bachelor’s Degree in Information Systems, Computer Science, Information Security or related field required

    • 7-10 years in information security or information security governance experience, with 5 years in a managerial role within a highly digitized organization, with a proven ability to engage with Senior Management and regulators.

    • 4+ years’ experience conducting IT compliance assessments or administering IT security controls in an organization.

    • Knowledge of technical infrastructure, networks, databases and systems in relation to IT Security and IT Risk.

    • Experience with security technologies & controls including IPS/IDS, SIEM, DLP and other security technologies.

    • Relevant certifications in information security knowledge areas, such as Information

    • Systems Audit, Information Security Management and Ethical Hacking.

    • Knowledge of: Strong Authentication, End Point Security, Internet Policy

    • Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM),

    • Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM)

    • Knowledge of banking or financial services fundamentals and processes (prior experience working within a financial service organization is an added advantage)

    • Excellent communication, analytical and reporting skills

    • Knowledge in project management skills


    Strategy and Roadmap 20%

    • Develop and align the information security strategy to the Group and Information Technology strategy, to ensure information security supports business objectives.

    • Execute an information security roadmap, aligned to information technology roadmap and in support of business growth.

    • Define Information Security architecture in line with the technology architecture blueprint and best practice.

    Cyber Security Defence 25%

    • Setup and implement
    Information Security practices around patching, vulnerability, malware management program etc. within the Group, ensuring that vulnerability assessments & penetration testing is conducted and patching and remediation of vulnerabilities is done as per policy and procedure.

    • Drive the implementation, administration and support of technology control systems as per the IS roadmap.

    • Implement continuous monitoring of technology assets for cyber incidents that impact on confidentiality, integrity and availability of systems, by putting in place the appropriate people, processes and technology.

    • Implement security incident response for effective response, containment and recovery from security incidents or breaches.

    Cyber Security Assurance 25%

    • Provide information security assurance to technology systems to ensure that new products, services, channels and other IT changes introduced meet the security compliance thresholds.

    • Participant as a key stakeholder in the Bank’s Change Management governance process (Change Advisory Board) with responsibility to approve or reject changes that do not meet the compliance threshold.

    • Participate and contribute towards developing and supporting IT practices (e.g. agile, DevSecOps)

    Information Security Governance 20%

    • Develop and implement Group Information Security framework, strategy, policy and procedures.

    • Ensure that best practice and regulatory guidelines on Cyber Security are enshrined within the Group’s policies and procedures.

    • Develop and implement an effective information security awareness program covering all staff and key stakeholders of the Bank.

    • Develop and implement a robust IT Business Continuity Management program, ensuring that effective BCP & DR processes are setup and executed.

    • IT department risk champion, interfacing with the compliance teams to manage technology risk and audit engagements.

    People Leadership 10%

    • Provide effective leadership to the Information Security team, and work with peer IT heads and other IT staff to ensure a conducive work environment.

    • Provide leadership, performance management, talent management, training and development programs, coaching and mentoring for the Information Security team.

    • Liaise with internal and external stakeholders (vendors, regulator and consultants) in ensuring that the information security objectives are met.

    Required Skills

  • Risk management, Information security, Risk analysis, System and network security, Security operations, Training delivery.

    How to Apply

  • For more information and job application details, see; NCBA Group Head, Information Security Jobs in Kenya

    Find jobs in Kenya. Jobs - Kenya jobs. Search our career portal & find the latest Kenyan job positions, career opportunities & jobs in Kenya.

    Jobs in Kenya - banking jobs, IT jobs, accounting jobs, NGO jobs, business administration, ICT, UN jobs, procurement jobs, education jobs, hospital jobs, human resources jobs, engineering, teaching jobs, and other careers in Kenya.

    Find your dream job from 1000s of vacancies in Kenya posted and updated daily - click here!

  • Click here to post comments

    Join in and write your own page! It's easy to do. How? Simply click here to return to Best Africa Jobs.